Habe dann noch die "Standartprozedur" durchgeführt, anbei die Logfiles: Zitat:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 13:19 on 06/08/2013 (User)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
HKCU:DAEMON Tools Lite -> Removed
Checking for services/drivers...
Unable to read SafeBoot.sys
-=E.O.F=-
| FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 05-08-2013
Ran by User (administrator) on 06-08-2013 13:27:42
Running from C:\Users\User\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(AuthenTec, Inc.) C:\Program Files\Fingerprint Sensor\AtService.exe
(AMD) C:\windows\system32\atiesrxx.exe
(Hewlett-Packard) C:\windows\system32\Hpservice.exe
(AMD) C:\windows\system32\atieclxx.exe
(Wsys Co., Ltd.) C:\ProgramData\eSafe\eGdpSvc.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
(ActivIdentity) C:\Program Files\ActivIdentity\ActivClient\acevents.exe
(ActivIdentity) C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(DT Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTLite.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Bioscrypt Inc.) C:\Program Files\Hewlett-Packard\IAM\Bin\AsGHost.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(ActivIdentity) C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
(ActivIdentity) C:\Program Files\ActivIdentity\ActivClient\acevents.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Andrea Electronics Corporation) C:\windows\system32\AEADISRV.EXE
(LSI Corporation) C:\Program Files\LSI SoftModem\agrsmsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(McAfee, Inc.) C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
(PDF Complete Inc) C:\Program Files\PDF Complete\pdfsvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
() C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\windows\system32\wuauclt.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
() C:\Users\User\Desktop\Defogger.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Adobe Systems, Inc.) C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [QlbCtrl.exe] - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [288312 2009-07-28] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [IAAnotif] - C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-08-25] (Intel Corporation)
HKLM\...\Run: [PDF Complete] - C:\Program Files\PDF Complete\pdfsty.exe [563736 2009-06-18] (PDF Complete Inc)
HKLM\...\Run: [WirelessAssistant] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [498744 2009-07-23] (Hewlett-Packard)
HKLM\...\Run: [MVS Splash] - C:\Program Files\McAfee\Managed VirusScan\Agent\Splash.exe [x]
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1721640 2010-08-17] (Synaptics Incorporated)
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-08-04] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [DivXUpdate] - C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1230704 2011-01-11] ()
HKLM\...\Run: [SoundMAXPnP] - C:\Program Files\Analog Devices\Core\smax4pnp.exe [1314816 2009-05-18] (Analog Devices, Inc.)
HKLM\...\Run: [SoundMAX] - C:\Program Files\Analog Devices\SoundMAX\soundmax.exe [3866624 2009-05-18] (Analog Devices, Inc.)
HKLM\...\Run: [acevents] - C:\Program Files\ActivIdentity\ActivClient\acevents.exe [153640 2009-06-03] (ActivIdentity)
HKLM\...\Run: [] - [x]
HKLM\...\Run: [accrdsub] - C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe [400936 2009-06-03] (ActivIdentity)
HKLM\...\Run: [PTHOSTTR] - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start [x]
HKLM\...\Run: [CognizanceTS] - C:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll [24848 2009-07-23] (Bioscrypt Inc.)
HKLM\...\Run: [Malwarebytes' Anti-Malware] - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [462920 2012-07-03] (Malwarebytes Corporation)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-18] (Adobe Systems Incorporated)
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [345144 2013-06-27] (Avira Operations GmbH & Co. KG)
HKLM\...\runonceex: [ContentMerger] - c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\ContentMerger10.exe [19952 2009-06-13] (Sonic Solutions)
Winlogon\Notify\!SASWinLogon: G:\Neuer Ordner\SASWINLO.DLL [X]
HKCU\...\Run: [SUPERAntiSpyware] - G:\Neuer Ordner\SUPERAntiSpyware.exe [x]
HKCU\...\Run: [Google Update] - C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-08-15] (Google Inc.)
HKCU\...\Run: [GoogleChromeAutoLaunch_BCEA24321E5E4F1401136BBEDFB545FE] - C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe [825808 2013-05-29] (Google Inc.)
HKCU\...\Policies\system: [DisableCMD] 0
MountPoints2: {3464dca5-900b-11e0-8fb6-18a905e37ce7} - D:\Autorun.exe
MountPoints2: {e1b32d32-07b4-11df-ac17-806e6f6e6963} - F:\Launcher.exe
HKU\Default\...\Run: [HPADVISOR] - C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe [ 2009-07-16] (Hewlett-Packard)
HKU\Default User\...\Run: [HPADVISOR] - C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe [ 2009-07-16] (Hewlett-Packard)
Lsa: [Notification Packages] scecli ASWLNPkg
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
URLSearchHook: (No Name) - {b80f591e-fe9a-46cf-a13e-180377240586} - No File
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
BHO: DivX HiQ - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Citavi Picker - {609D670F-B735-4da7-AC6D-F3BD358E325E} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: No Name - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File
BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO: Credential Manager for HP ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll (Bioscrypt Inc.)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKCU -No Name - {B80F591E-FE9A-46CF-A13E-180377240586} - No File
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler: myrm - {4D034FC3-013F-4b95-B544-44D49ABE3E76} - C:\Program Files\McAfee\Managed VirusScan\Agent\myRmProt4.9.2.329.dll No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - G:\Neuer Ordner\SASSEH.DLL No File [ ]
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\r9xl3eaq.default
FF NewTab: hxxp://search.babylon.com/?affID=119292&babsrc=NT_ss&mntrId=2690001E648DB6DD
FF SelectedSearchEngine: qvo6
FF Homepage: hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=ST9500420AS_5VJ2ZAL9&ts=1375732143
FF Keyword.URL: hxxp://search.babylon.com/?babsrc=toolbar2&q=
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=1.6.0_35 - C:\windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @pages.tvunetworks.com/WebPlayer - C:\windows\system32\TVUAx\npTVUAx.dll (TVU networks)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @veetle.com/veetleCorePlugin,version=0.9.18 - C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF Plugin: @veetle.com/veetlePlayerPlugin,version=0.9.18 - C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\User\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\User\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\User\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Extension: Babylon - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\r9xl3eaq.default\Extensions\ffxtlbr@babylon.com
FF Extension: ProxTube - Gesperrte YouTube Videos entsperren - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\r9xl3eaq.default\Extensions\ich@maltegoetz.de
FF Extension: No Name - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\r9xl3eaq.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
FF Extension: pencil - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\r9xl3eaq.default\Extensions\pencil@evolus.vn.xpi
FF Extension: Default - C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video
FF HKLM\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa
FF Extension: DivX HiQ - C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa
Chrome:
=======
CHR HomePage: hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=ST9500420AS_5VJ2ZAL9&ts=1375732143
CHR RestoreOnStartup: "hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=ST9500420AS_5VJ2ZAL9&ts=1375732143"
CHR DefaultSearchURL: (qvo6) - hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=cor&from=cor&uid=ST9500420AS_5VJ2ZAL9&ts=1375732143&type=default&q={searchTerms}
CHR DefaultSuggestURL: (qvo6) - "suggest_url": "",
CHR Plugin: (Shockwave Flash) - C:\Users\User\AppData\Local\Google\Chrome\Application\21.0.1180.79\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Users\User\AppData\Local\Google\Chrome\Application\27.0.1453.110\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\User\AppData\Local\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\User\AppData\Local\Google\Chrome\Application\27.0.1453.110\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.290.11) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U29) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (Veetle TV Player) - C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
CHR Plugin: (Veetle TV Core) - C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
CHR Plugin: (Windows Live\u00AE Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (TVU Web Player for FireFox) - C:\windows\system32\TVUAx\npTVUAx.dll (TVU networks)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Extension: (ProxTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek\1.2.3_0
CHR Extension: (DivX HiQ) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae\2.1.1.94_0
CHR Extension: (AdBlock) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.4_0
CHR Extension: (DVDVideoSoft Browser Extension) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.0_0
CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.1.94_0
CHR Extension: (Citavi Picker) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\piehhloihgjjiomhieeddiidpekaajio\2013.4.29_0
CHR HKLM\...\Chrome\Extension: [aakchaleigkohafkfjfjbblobjifikek] - C:\Users\User\AppData\LocalLow\proxtube\CHROME\proxtube.crx
CHR HKLM\...\Chrome\Extension: [fnjbmmemklcjgepojigaapkoodmkgbae] - C:\Program Files\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx
CHR HKLM\...\Chrome\Extension: [piehhloihgjjiomhieeddiidpekaajio] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Chrome\ChromePicker.crx
========================== Services (Whitelisted) =================
R2 ac.sharedstore; C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe [207400 2009-06-03] (ActivIdentity)
R2 AgereModemAudio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [26112 2009-12-03] (LSI Corporation)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [84024 2013-06-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [108088 2013-06-27] (Avira Operations GmbH & Co. KG)
S2 appdrvrem01; C:\Windows\System32\appdrvrem01.exe [316888 2012-05-09] (Protection Technology)
R2 ASBroker; C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll [192784 2009-07-23] (Bioscrypt Inc.)
R2 ASChannel; C:\Program Files\Hewlett-Packard\IAM\Bin\AsChnl.dll [150288 2009-07-23] (Bioscrypt Inc.)
R2 ATService; C:\Program Files\Fingerprint Sensor\AtService.exe [1201400 2009-07-29] (AuthenTec, Inc.)
R2 HpFkCryptService; C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [256544 2009-07-29] (McAfee, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [655944 2012-07-03] (Malwarebytes Corporation)
R2 pdfcDispatcher; C:\Program Files\PDF Complete\pdfsvc.exe [635416 2009-06-18] (PDF Complete Inc)
R2 WsysSvc; C:\ProgramData\eSafe\eGdpSvc.exe [891456 2013-08-05] (Wsys Co., Ltd.)
R2 yksvc; C:\Windows\System32\yk62x86.dll [282624 2009-07-20] (Marvell)
S2 !SASCORE; "G:\Neuer Ordner\SASCORE.EXE" [x]
S2 EngineServer; C:\PROGRA~1\McAfee\MANAGE~1\VScan\ENGINE~1.EXE [x]
S3 HP ProtectTools Service; "C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe" [x]
S2 myAgtSvc; "C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.Exe" /ServiceStart [x]
==================== Drivers (Whitelisted) ====================
R3 5U876UVC; C:\Windows\System32\DRIVERS\5U876.sys [118656 2009-06-30] (Ricoh co.,Ltd.)
R1 appdrv01; C:\Windows\System32\Drivers\appdrv01.sys [3332784 2012-05-09] (Protection Technology)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281760 2011-01-16] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [84744 2013-04-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135136 2013-04-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-04-01] (Avira Operations GmbH & Co. KG)
R3 avmaudio; C:\Windows\System32\DRIVERS\avmaudio.sys [101248 2011-10-17] (AVM Berlin)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [218688 2011-06-06] (DT Soft Ltd)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2011-01-16] ()
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [22344 2012-07-03] (Malwarebytes Corporation)
R1 mfetdik; C:\Windows\System32\drivers\mfetdik.sys [55336 2009-05-16] (McAfee, Inc.)
S3 NETw1v32; C:\Windows\System32\DRIVERS\NETw1v32.sys [5958656 2009-07-21] (Intel Corporation)
R1 RsvLock; C:\Windows\System32\Drivers\RsvLock.sys [12528 2009-07-29] (SafeBoot International)
R0 SafeBoot; C:\Windows\System32\Drivers\SafeBoot.sys [109216 2009-07-29] ()
R0 SbAlg; C:\Windows\System32\Drivers\SbAlg.sys [51408 2009-07-29] (SafeBoot N.V.)
R0 SbFsLock; C:\Windows\System32\Drivers\SbFsLock.sys [12960 2009-07-29] (SafeBoot International)
S0 sfvfs02; C:\Windows\System32\drivers\sfvfs02.sys [66560 2005-05-16] (Protection Technology)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-03-03] (Avira GmbH)
S1 SASDIFSV; \??\G:\Neuer Ordner\SASDIFSV.SYS [x]
S1 SASKUTIL; \??\G:\Neuer Ordner\SASKUTIL.SYS [x]
U3 mbr; \??\C:\Users\User\AppData\Local\Temp\mbr.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-08-06 13:27 - 2013-08-06 13:27 - 00000000 ____D C:\FRST
2013-08-06 13:26 - 2013-08-06 13:26 - 01228808 _____ (Farbar) C:\Users\User\Desktop\FRST.exe
2013-08-06 13:19 - 2013-08-06 13:19 - 00000598 _____ C:\Users\User\Desktop\defogger_disable.log
2013-08-06 13:19 - 2013-08-06 13:19 - 00000156 _____ C:\Users\User\defogger_reenable
2013-08-06 13:18 - 2013-08-06 13:18 - 00050477 _____ C:\Users\User\Desktop\Defogger.exe
2013-08-06 13:13 - 2013-08-06 13:13 - 00022262 _____ C:\Users\User\Desktop\dds.txt
2013-08-06 13:13 - 2013-08-06 13:13 - 00009873 _____ C:\Users\User\Desktop\attach.txt
2013-08-06 13:10 - 2013-08-06 13:10 - 00700783 ____R (Swearware) C:\Users\User\Desktop\dds+.exe
2013-08-06 13:07 - 2013-08-06 13:07 - 00015362 _____ C:\Users\User\Desktop\AdwCleaner[S1].txt
2013-08-06 13:02 - 2013-08-06 13:06 - 00015362 _____ C:\AdwCleaner[S1].txt
2013-08-06 13:02 - 2013-08-06 13:02 - 00791488 _____ C:\Users\User\Downloads\ImageEditorSetup.exe
2013-08-06 13:02 - 2013-08-06 13:02 - 00666633 _____ C:\Users\User\Downloads\adwcleaner.exe
2013-08-06 08:08 - 2013-08-06 08:08 - 00000000 ____D C:\windows\system32\MRT
2013-08-06 08:08 - 2013-08-06 08:08 - 00000000 ____D C:\6e3ffb7815cbe27a668914aacbca93
2013-08-05 21:49 - 2013-08-06 13:04 - 00000000 ____D C:\ProgramData\eSafe
2013-08-05 21:48 - 2013-08-05 21:48 - 00000000 ____D C:\Users\User\AppData\Roaming\eIntaller
2013-08-03 04:44 - 2013-08-05 21:37 - 00000000 ____D C:\Users\User\Desktop\maria
2013-08-01 23:38 - 2013-08-01 23:38 - 00262515 _____ C:\Users\User\Downloads\Altklausuren.zip
2013-07-31 13:48 - 2013-07-31 13:48 - 00435712 _____ C:\Users\User\Downloads\awp11bg.ppt
2013-07-29 16:42 - 2013-07-31 19:40 - 00125275 ____H C:\Users\User\Documents\~WRL2837.tmp
2013-07-29 14:33 - 2013-07-29 14:33 - 00166400 _____ C:\Users\User\Downloads\wipol 2 - allokatives marktversagen.ppt
2013-07-28 14:11 - 2013-07-28 14:11 - 10120704 _____ C:\Users\User\Downloads\Int_Ec_Rel_and_Reg_Integr_SS_2013_17072013.ppt
2013-07-23 14:22 - 2013-07-23 14:23 - 00000000 ____D C:\Users\User\Downloads\VBL
2013-07-18 00:35 - 2013-07-24 22:51 - 00000000 ____D C:\Users\User\Downloads\externe
2013-07-15 10:52 - 2013-07-23 01:00 - 00000000 ____D C:\Users\User\Downloads\Informationsmanagment
2013-07-12 10:00 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-07-12 10:00 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-07-12 10:00 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-07-12 10:00 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-07-12 10:00 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-07-12 10:00 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-07-12 10:00 - 2013-06-12 01:43 - 00042496 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-07-12 10:00 - 2013-06-12 01:43 - 00039424 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2013-07-12 10:00 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-07-12 10:00 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-07-12 10:00 - 2013-06-12 01:42 - 00391168 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2013-07-12 10:00 - 2013-06-12 01:42 - 00109056 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2013-07-12 10:00 - 2013-06-12 01:42 - 00061440 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2013-07-12 10:00 - 2013-06-12 01:42 - 00033280 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2013-07-12 10:00 - 2013-06-12 00:51 - 00071680 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2013-07-12 10:00 - 2013-06-07 04:37 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2013-07-11 15:14 - 2013-06-05 05:05 - 02347520 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2013-07-11 15:14 - 2013-06-04 06:53 - 00509440 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2013-07-11 15:14 - 2013-05-06 06:56 - 01620480 _____ (Microsoft Corporation) C:\windows\system32\WMVDECOD.DLL
2013-07-11 15:14 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
==================== One Month Modified Files and Folders =======
2013-08-06 13:27 - 2013-08-06 13:27 - 00000000 ____D C:\FRST
2013-08-06 13:26 - 2013-08-06 13:26 - 01228808 _____ (Farbar) C:\Users\User\Desktop\FRST.exe
2013-08-06 13:19 - 2013-08-06 13:19 - 00000598 _____ C:\Users\User\Desktop\defogger_disable.log
2013-08-06 13:19 - 2013-08-06 13:19 - 00000156 _____ C:\Users\User\defogger_reenable
2013-08-06 13:18 - 2013-08-06 13:18 - 00050477 _____ C:\Users\User\Desktop\Defogger.exe
2013-08-06 13:13 - 2013-08-06 13:13 - 00022262 _____ C:\Users\User\Desktop\dds.txt
2013-08-06 13:13 - 2013-08-06 13:13 - 00009873 _____ C:\Users\User\Desktop\attach.txt
2013-08-06 13:13 - 2009-07-14 06:34 - 00019760 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-06 13:13 - 2009-07-14 06:34 - 00019760 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-06 13:10 - 2013-08-06 13:10 - 00700783 ____R (Swearware) C:\Users\User\Desktop\dds+.exe
2013-08-06 13:07 - 2013-08-06 13:07 - 00015362 _____ C:\Users\User\Desktop\AdwCleaner[S1].txt
2013-08-06 13:06 - 2013-08-06 13:02 - 00015362 _____ C:\AdwCleaner[S1].txt
2013-08-06 13:04 - 2013-08-05 21:49 - 00000000 ____D C:\ProgramData\eSafe
2013-08-06 13:04 - 2013-06-11 21:58 - 00010316 _____ C:\windows\setupact.log
2013-08-06 13:04 - 2012-02-15 13:38 - 00001090 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-06 13:04 - 2009-07-14 06:53 - 00000006 ____H C:\windows\Tasks\SA.DAT
2013-08-06 13:03 - 2012-08-15 11:57 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2013-08-06 13:03 - 2011-05-13 21:34 - 00001007 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-08-06 13:03 - 2010-01-23 02:21 - 01621726 _____ C:\windows\WindowsUpdate.log
2013-08-06 13:03 - 2010-01-22 17:59 - 00001146 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-08-06 13:02 - 2013-08-06 13:02 - 00791488 _____ C:\Users\User\Downloads\ImageEditorSetup.exe
2013-08-06 13:02 - 2013-08-06 13:02 - 00666633 _____ C:\Users\User\Downloads\adwcleaner.exe
2013-08-06 08:08 - 2013-08-06 08:08 - 00000000 ____D C:\windows\system32\MRT
2013-08-06 08:08 - 2013-08-06 08:08 - 00000000 ____D C:\6e3ffb7815cbe27a668914aacbca93
2013-08-05 22:39 - 2012-08-15 11:55 - 00001116 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4234438737-965128108-3711115987-1001UA.job
2013-08-05 22:36 - 2012-07-31 10:36 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2013-08-05 22:36 - 2012-02-15 13:38 - 00001094 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-05 21:49 - 2012-08-15 11:57 - 00002552 _____ C:\Users\User\Desktop\chrome.lnk
2013-08-05 21:49 - 2010-01-31 18:23 - 00001573 _____ C:\Users\User\Desktop\Internet Explorer.lnk
2013-08-05 21:48 - 2013-08-05 21:48 - 00000000 ____D C:\Users\User\AppData\Roaming\eIntaller
2013-08-05 21:37 - 2013-08-03 04:44 - 00000000 ____D C:\Users\User\Desktop\maria
2013-08-05 21:35 - 2012-08-15 11:55 - 00001064 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4234438737-965128108-3711115987-1001Core.job
2013-08-05 12:08 - 2012-11-15 15:11 - 00000000 ____D C:\Users\User\Downloads\alt
2013-08-04 21:25 - 2009-09-20 16:47 - 00909458 _____ C:\windows\system32\PerfStringBackup.INI
2013-08-03 04:27 - 2009-07-14 04:37 - 00000000 ____D C:\windows\system32\wfp
2013-08-03 04:26 - 2010-02-02 19:37 - 00000000 ____D C:\Users\User\AppData\Roaming\Skype
2013-08-03 04:26 - 2009-07-14 04:37 - 00000000 ____D C:\windows\system32\NDF
2013-08-03 04:26 - 2009-07-14 04:37 - 00000000 ____D C:\windows\registration
2013-08-03 04:26 - 2009-07-14 04:37 - 00000000 ____D C:\windows\AppCompat
2013-08-01 23:38 - 2013-08-01 23:38 - 00262515 _____ C:\Users\User\Downloads\Altklausuren.zip
2013-08-01 06:41 - 2009-09-20 16:49 - 00000000 ____D C:\ProgramData\PDFC
2013-07-31 19:40 - 2013-07-29 16:42 - 00125275 ____H C:\Users\User\Documents\~WRL2837.tmp
2013-07-31 14:08 - 2010-01-31 18:52 - 00000052 _____ C:\windows\system32\DOErrors.log
2013-07-31 14:07 - 2011-10-26 16:49 - 00000000 _____ C:\windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-07-31 13:48 - 2013-07-31 13:48 - 00435712 _____ C:\Users\User\Downloads\awp11bg.ppt
2013-07-31 13:31 - 2013-01-31 14:47 - 00000136 ____H C:\Users\User\Downloads\.picasa.ini
2013-07-29 20:40 - 2011-05-13 20:35 - 00000000 ____D C:\Program Files\Google
2013-07-29 14:33 - 2013-07-29 14:33 - 00166400 _____ C:\Users\User\Downloads\wipol 2 - allokatives marktversagen.ppt
2013-07-28 14:11 - 2013-07-28 14:11 - 10120704 _____ C:\Users\User\Downloads\Int_Ec_Rel_and_Reg_Integr_SS_2013_17072013.ppt
2013-07-26 20:30 - 2010-01-22 18:24 - 00248388 _____ C:\windows\PFRO.log
2013-07-24 22:51 - 2013-07-18 00:35 - 00000000 ____D C:\Users\User\Downloads\externe
2013-07-23 14:23 - 2013-07-23 14:22 - 00000000 ____D C:\Users\User\Downloads\VBL
2013-07-23 01:00 - 2013-07-15 10:52 - 00000000 ____D C:\Users\User\Downloads\Informationsmanagment
2013-07-15 14:07 - 2010-04-27 12:00 - 01161216 ___SH C:\Users\User\Desktop\Thumbs.db
2013-07-13 00:17 - 2012-12-11 17:35 - 00000000 ___RD C:\Program Files\Skype
2013-07-13 00:17 - 2010-01-22 17:41 - 00000000 ____D C:\ProgramData\Skype
2013-07-12 11:45 - 2009-07-14 04:37 - 00000000 ____D C:\windows\Microsoft.NET
2013-07-12 10:20 - 2009-07-14 06:33 - 00475216 _____ C:\windows\system32\FNTCACHE.DAT
2013-07-12 10:19 - 2010-07-22 16:22 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-12 10:17 - 2009-07-27 13:09 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-12 10:17 - 2009-07-14 06:52 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-12 09:59 - 2009-09-20 16:54 - 00000000 ____D C:\ProgramData\Microsoft Help
Files to move or delete:
====================
C:\ProgramData\ism_0_llatsni.pad
C:\ProgramData\kcap_0paos.pad
C:\Users\User\AppData\Roaming\skype.dat
C:\Users\User\AppData\Roaming\skype.ini
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-08-02 08:50
==================== End Of Log ============================ --- --- --- Zitat:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 05-08-2013
Ran by User at 2013-08-06 13:28:28
Running from C:\Users\User\Desktop
Boot Mode: Normal
==========================================================
==================== Installed Programs =======================
Update for Microsoft Office 2007 (KB2508958)
µTorrent (Version: 3.0.0)
32 Bit HP CIO Components Installer (Version: 6.1.1)
4500_Help (Version: 1.00.0000)
7-Zip 4.65
ActivClient x86 (Version: 6.2)
Adobe AIR (Version: 2.0.4.13090)
Adobe Flash Player 11 ActiveX (Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (Version: 11.7.700.224)
Adobe Reader XI (11.0.02) (Version: 11.0.02)
Anno 1701 (Version: 1.00)
ANSTOSS 3
ATI Catalyst Install Manager (Version: 3.0.732.0)
AuthenTec Fingerprint System (Version: 8.0.202.0)
Avira Free Antivirus (Version: 13.0.0.3885)
AVM FRITZ!Box USB-Fernanschluss (HKCU Version: 2.2.1.0)
bpd_scan (Version: 3.00.0000)
BPDSoftware (Version: 50.0.165.000)
BPDSoftware_Ini (Version: 1.00.0000)
BufferChm (Version: 130.0.331.000)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2009.0804.1118.18368)
Catalyst Control Center Graphics Full Existing (Version: 2009.0804.1118.18368)
Catalyst Control Center Graphics Full New (Version: 2009.0804.1118.18368)
Catalyst Control Center Graphics Light (Version: 2009.0804.1118.18368)
Catalyst Control Center InstallProxy (Version: 2009.0804.1118.18368)
Catalyst Control Center Localization All (Version: 2009.0804.1118.18368)
CCC Help Chinese Standard (Version: 2009.0804.1117.18368)
CCC Help Chinese Traditional (Version: 2009.0804.1117.18368)
CCC Help Czech (Version: 2009.0804.1117.18368)
CCC Help Danish (Version: 2009.0804.1117.18368)
CCC Help Dutch (Version: 2009.0804.1117.18368)
CCC Help English (Version: 2009.0804.1117.18368)
CCC Help Finnish (Version: 2009.0804.1117.18368)
CCC Help French (Version: 2009.0804.1117.18368)
CCC Help German (Version: 2009.0804.1117.18368)
CCC Help Greek (Version: 2009.0804.1117.18368)
CCC Help Hungarian (Version: 2009.0804.1117.18368)
CCC Help Italian (Version: 2009.0804.1117.18368)
CCC Help Japanese (Version: 2009.0804.1117.18368)
CCC Help Korean (Version: 2009.0804.1117.18368)
CCC Help Norwegian (Version: 2009.0804.1117.18368)
CCC Help Polish (Version: 2009.0804.1117.18368)
CCC Help Portuguese (Version: 2009.0804.1117.18368)
CCC Help Russian (Version: 2009.0804.1117.18368)
CCC Help Spanish (Version: 2009.0804.1117.18368)
CCC Help Swedish (Version: 2009.0804.1117.18368)
CCC Help Thai (Version: 2009.0804.1117.18368)
CCC Help Turkish (Version: 2009.0804.1117.18368)
ccc-core-static (Version: 2009.0804.1118.18368)
ccc-utility (Version: 2009.0804.1118.18368)
CDBurnerXP (Version: 4.4.0.2905)
Citavi 4 (Version: 4.0.0.12)
Compatibility Pack für 2007 Office System (Version: 12.0.6612.1000)
Credential Manager for HP ProtectTools (Version: 4.1.5.1483)
DAEMON Tools Lite (Version: 4.40.2.0131)
DirectX 9 Runtime (Version: 1.00.0000)
DivX-Setup (Version: 2.3.1.2)
DownVision (Version: 1.0)
Drive Encryption for HP ProtectTools (Version: 4.0.24)
EA Download Manager (Version: 7.3.7.4)
ElsterFormular (Version: 14.1.20130301)
Empire Earth II
FIFA 10 (Version: 1.0.0.0)
FIFA 11 (Version: 1.0.0.0)
Free YouTube to MP3 Converter version 3.12.1.320 (Version: 3.12.1.320)
GIMP 2.8.4 (Version: 2.8.4)
Google Chrome (HKCU Version: 27.0.1453.110)
Google Earth Plug-in (Version: 7.1.1.1888)
Google Update Helper (Version: 1.3.21.153)
GPL MPEG-1/2 DirectShow Decoder Filter (Version: 0.1.2)
Hewlett-Packard ACLM.NET v1.2.1.1 (Version: 1.00.0000)
HP 3D DriveGuard (Version: 4.0.5.1)
HP Advisor (Version: 3.2.8946.3086)
HP Common Access Service Library (Version: 3.0.28.1)
HP Customer Experience Enhancements (Version: 6.0.1.3)
HP ESU for Microsoft Windows 7 (Version: 1.0.1.1)
HP Integrated Module with Bluetooth wireless technology (Version: 6.2.0.9602)
HP JavaCard for HP ProtectTools (Version: 04.10.9.0013)
HP Officejet J4500 Series (Version: 13.0)
HP ProtectTools Security Manager (Version: 04.10.9.0013)
HP ProtectTools Security Manager Suite (Version: 04.10.9.0013)
HP Quick Launch Buttons (Version: 6.50.4.2)
HP QuickLook (Version: 3.0.0.17)
HP Setup (Version: 1.2.3215.3078)
HP Software Setup (Version: 1.0.0.15)
HP Support Assistant (Version: 7.0.39.15)
HP User Guides 0136 (Version: 1.03.0002)
HP Wallpaper (Version: 1.0.1.11)
HP Web Camera (Version: 1.0.0)
HP Webcam (Version: 1.0)
HP Wireless Assistant (Version: 3.50.9.1)
ICQ7.4 (Version: 7.4)
Integrated Camera Driver Installer Package Ver.1.30.110.0 (Version: 1.30.110.0)
Intel® Matrix Storage Manager
J4500 (Version: 50.0.165.000)
K-Lite Codec Pack 6.8.0 (Full) (Version: 6.8.0)
LightScribe System Software (Version: 1.18.6.1)
LSI HDA Modem (Version: 2.2.100)
Malwarebytes Anti-Malware Version 1.62.0.1300 (Version: 1.62.0.1300)
Marvell Miniport Driver (Version: 10.70.5.3)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4.5 (Version: 4.5.50709)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1)
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Suite Activation Assistant (Version: 2.7)
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mozilla Firefox 17.0.1 (x86 en-US) (Version: 17.0.1)
Mozilla Maintenance Service (Version: 17.0.1)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
No23 Recorder (Version: 2.1.0.3)
OpenAL
PCM Fast Editor (HKCU Version: 2.1.0.0)
PDF Complete Special Edition (Version: 3.5.108)
Picasa 3 (Version: 3.9)
Politik Tycoon 1.01
ProductContext (Version: 50.0.165.000)
QLBCASL (Version: 6.40.17.2)
Rainlendar2 (remove only)
Roxio Activation Module (Version: 1.0)
Roxio Creator Audio (Version: 3.8.0)
Roxio Creator Business (Version: 10.3)
Roxio Creator Business v10 (Version: 3.8.0)
Roxio Creator Copy (Version: 3.8.0)
Roxio Creator Data (Version: 3.8.0)
Roxio Creator Tools (Version: 3.8.0)
Roxio Express Labeler 3 (Version: 3.2.2)
Roxio MyDVD (Version: 10.3.349)
Scan (Version: 13.0.0.0)
SCR3xxx Smart Card Reader (Version: 8.35)
Skype™ 6.6 (Version: 6.6.106)
Sonic CinePlayer Decoder Pack (Version: 4.3.0)
SopCast 3.2.9 (Version: 3.2.9)
SoundMAX (Version: 6.10.1.7255)
Synaptics Pointing Device Driver (Version: 15.0.17.2)
Toolbox (Version: 130.0.648.000)
Tour de France 2011 - Der offizielle Radsport-Manager Version 1 (Version: 1.0.4.4)
Uninstall 1.0.0.1
Unity Web Player (HKCU Version: )
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4.5 (KB2750147) (Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805221) (Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805226) (Version: 1)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817563) 32-Bit Edition
Update für Microsoft Office Excel 2007 Help (KB963678)
Update für Microsoft Office Outlook 2007 Help (KB963677)
Update für Microsoft Office Powerpoint 2007 Help (KB963669)
Update für Microsoft Office Word 2007 Help (KB963665)
VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0)
Veetle TV 0.9.18 (Version: 0.9.18)
VLC media player 1.1.4 (Version: 1.1.4)
WebReg (Version: 130.0.132.017)
Windows 7 Default Setting (Version: 1.0.0.6)
Windows Live Anmelde-Assistent (Version: 5.000.818.5)
Windows Live Call (Version: 14.0.8064.0206)
Windows Live Communications Platform (Version: 14.0.8064.206)
Windows Live Essentials (Version: 14.0.8089.0726)
Windows Live Essentials (Version: 14.0.8089.726)
Windows Live Fotogalerie (Version: 14.0.8081.709)
Windows Live Messenger (Version: 14.0.8089.0726)
Windows Live Movie Maker (Version: 14.0.8091.0730)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live-Uploadtool (Version: 14.0.8014.1029)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WinZip 12.0 (Version: 12.0.8252)
Wsys Control 1.0.0.2598 (Version: 1.0.0.2598)
==================== Restore Points =========================
11-07-2013 12:30:58 Geplanter Prüfpunkt
12-07-2013 07:51:33 Windows Update
22-07-2013 17:55:37 Geplanter Prüfpunkt
01-08-2013 05:43:22 Geplanter Prüfpunkt
01-08-2013 07:04:30 Wiederherstellungsvorgang
06-08-2013 06:07:29 Windows Update
06-08-2013 10:48:23 Windows Update
06-08-2013 10:53:08 Removed Java(TM) 6 Update 35
==================== Hosts content: ==========================
2010-06-13 01:01 - 2010-06-13 01:01 - 00012407 ____A C:\windows\system32\Drivers\etc\hosts
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "hxxp://www.w3.org/TR/html4/strict.dtd">
<html lang='en'>
<head>
<meta name="description" content="Yahoo! GeoCities offers you a free web site and all the tools you need to build a dynamic site. Features include easy-to-use site building tools, online help, web site statistics, secure and reliable hosting, and an intuitive control panel.">
<title>Yahoo! GeoCities: Get a web site with easy-to-use site building tools.</title>
<link rel="stylesheet" type="text/css" media="all" href="hxxp://l.yimg.com/a/combo?yui/2.5.2/build/reset-fonts-grids/reset-fonts-grids.css&smbiz/css/headfoot_6.css&smbiz/css/ysbs_glossary_1.css">
<link rel="stylesheet" type="text/css" media="all" href="hxxp://us.i1.yimg.com/us.yimg.com/lib/smbiz/css/geocities_84954.css"> <style>
h1 { line-height:30px;height:30px; padding-left:15px; font-weight:bold;font-size:1.6em;color:#1f296a;}
.services li { margin-left:1.0em; padding-left:0.5em; background:url("hxxp://l.yimg.com/a/lib/smbiz/i/geo_bullet_3x3_1.gif") no-repeat 0 0.5em; margin-bottom:0.5em;margin-left:1.5em;margin-right:0.5em;width:6em}
.services li {float:left; width:17em; font-size:116%;margin-top:0.8em}
.services { font-size:116%; padding-bottom:20px }
.learnmore a {color:#2882DE;font-size:16px}
.image_web {float:right; margin:15px 0 0 15px}
p {margin:20px;font-size:1em;}
h2 {margin:20px 0 0 20px;color:#1F296;font-weight:bold;font-size:1.25em;color:#1f296a;}
h3 {margin:20px;color:#1F296;font-weight:bold;font-size:1.15em;color:#1f296a;}
li.rule {border-top:solid 1px #DBE1E6;}
</style>
</head>
<body>
<!-- following code added by server. PLEASE REMOVE -->
<!-- preceding code added by server. PLEASE REMOVE -->
<div class="ez-mw" style ="height:900px;width:905px">
<div class="ez-wri ez-oh" style="width:900px">
<div class="ez-box"> <link type="text/css" rel="stylesheet" href="hxxp://l.yimg.com/a/lib/uh/15/css/uh-1.0.28.css">
<style type="text/css">
div#headerblock div{font-family:arial;}
#ygma{position:relative;z-index:99999;}
#ygma #ygma-search input{width:200px;}
#ygma #ygma-search{width:400px;}
</style>
<div id="ygma"><div id="ygmaheader"><div class="bd sp"><div id="ymenu" class="ygmaclr"><div id="mepanel"><ul id="mepanel-nav"><li class="me1"><em>New User? <a class="ygmasignup" title="Sign Up" href="hxxp://us.ard.yahoo.com/SIG=15u88cce2/M=650008.13654023.13693397.13153904/D=smallbiz/S=2023010636:HEAD/Y=YAHOO/EXP=1252098940/L=HzY9i9j8aIuVH8pzSp2qoCoWz37hF0qhZ1wABADc/B=RCQ9Atj8a20-/J=1252091740846210/K=88LB2KvJxEkW95HaZ4xf4Q/A=5836007/R=2/SIG=13j8rdsqp/*https://edit.yahoo.com/config/eval_register?.done=hxxp://smallbusiness.yahoo.com%2findex.html&.src=smbiz&.intl=us">Sign Up</a></em></li><li class="me2"><a title="Sign In" href="hxxp://us.ard.yahoo.com/SIG=15u88cce2/M=650008.13654023.13693397.13153904/D=smallbiz/S=2023010636:HEAD/Y=YAHOO/EXP=1252098940/L=HzY9i9j8aIuVH8pzSp2qoCoWz37hF0qhZ1wABADc/B=RCQ9Atj8a20-/J=1252091740846210/K=88LB2KvJxEkW95HaZ4xf4Q/A=5836007/R=3/SIG=13cm6p12o/*https://login.yahoo.com/config/login?.done=hxxp://geocities.yahoo.com&.src=smbiz&.intl=us">Sign In</a></li>
<li class="me3"><a href="hxxp://us.ard.yahoo.com/SIG=15uqalioe/M=650008.13654021.13693393.13153902/D=smallbiz/S=2023010636:HEAD/Y=YAHOO/EXP=1252098025/L=j.Ah_9j8aIuVH8pzSp2qoCg9z37hF0qhY8gACN48/B=zgw4Atj8a20-/J=1252090825225621/K=pmFpaSqI9UgVSmAu3nNNgw/A=5836006/R=7/SIG=11hjute28/*hxxp://help.yahoo.com/l/us/yahoo/geocities/" target="_top" title="Yahoo! Help Central">Help</a></li> </ul></div><div id="ygmapromo"><a style="font-weight:bold;" id="ygmaie8" href="hxxp://us.ard.yahoo.com/SIG=15vud5jbf/M=650008.13445975.13532322.12832737/D=smallbiz/S=2023010636:HPRM2/Y=YAHOO/EXP=1252098025/L=j.Ah_9j8aIuVH8pzSp2qoCg9z37hF0qhY8gACN48/B=0Qw4Atj8a20-/J=1252090825225621/K=pmFpaSqI9UgVSmAu3nNNgw/A=5706923/R=0/SIG=117bakia1/*hxxp://toolbar.yahoo.com/?.cpdl=ushdl" target="_top">Get Yahoo! Toolbar<abbr title="Yahoo! Toolbar"></abbr></a> <script language=javascript>
if(window.yzq_d==null)window.yzq_d=new Object();
window.yzq_d['0Qw4Atj8a20-']='&U=13hn349r9%2fN%3d0Qw4Atj8a20-%2fC%3d650008.13445975.13532322.12832737%2fD%3dHPRM2%2fB%3d5706923%2fV%3d1';
</script> <noscript><img width=1 height=1 alt="" src="hxxp://us.bc.yahoo.com/b?P=j.Ah_9j8aIuVH8pzSp2qoCg9z37hF0qhY8gACN48&T=144j596l3%2fX%3d1252090825%2fE%3d2023010636%2fR%3dsmallbiz%2fK%3d5%2fV%3d2.1%2fW%3dH%2fY%3dYAHOO%2fF%3d 1861688409%2fQ%3d-1%2fS%3d1%2fJ%3d8B68FCD8&U=13hn349r9%2fN%3d0Qw4Atj8a20-%2fC%3d650008.13445975.13532322.12832737%2fD%3dHPRM2%2fB%3d5706923%2fV%3d1"></noscript></div> <div id="pa"><div id="pa-wrapper"><ul id="pa2-nav" class="sp"><li class="pa1 sp"><a class="sp" href="hxxp://us.ard.yahoo.com/SIG=15uqalioe/M=650008.13654021.13693393.13153902/D=smallbiz/S=2023010636:HEAD/Y=YAHOO/EXP=1252098025/L=j.Ah_9j8aIuVH8pzSp2qoCg9z37hF0qhY8gACN48/B=zgw4Atj8a20-/J=1252090825225621/K=pmFpaSqI9UgVSmAu3nNNgw/A=5836006/R=8/SIG=10jmd0d5u/*hxxp://yahoo.com/" title="Yahoo!" target="_top">Yahoo!</a></li><li class="pa2 sp"><a class="sp" href="hxxp://us.ard.yahoo.com/SIG=15uqalioe/M=650008.13654021.13693393.13153902/D=smallbiz/S=2023010636:HEAD/Y=YAHOO/EXP=1252098025/L=j.Ah_9j8aIuVH8pzSp2qoCg9z37hF0qhY8gACN48/B=zgw4Atj8a20-/J=1252090825225621/K=pmFpaSqI9UgVSmAu3nNNgw/A=5836006/R=9/SIG=10n3m6b64/*hxxp://mail.yahoo.com" title="Yahoo! Mail" target="_top">Mail</a></li></ul><div id="pa-left" class="sp"></div><ul id="pa-nav" class="sp"><li class="pa3 sp"><a class="sp" href="hxxp://us.ard.yahoo.com/SIG=15uqalioe/M=650008.13654021.13693393.13153902/D=smallbiz/S=2023010636:HEAD/Y=YAHOO/EXP=1252098025/L=j.Ah_9j8aIuVH8pzSp2qoCg9z37hF0qhY8gACN48/B=zgw4Atj8a20-/J=1252090825225621/K=pmFpaSqI9UgVSmAu3nNNgw/A=5836006/R=10/SIG=10l2nj3k8/*hxxp://my.yahoo.com" title="My Yahoo!" target="_top">My Yahoo!</a></li><li class="pa4 sp"><a class="sp" href="hxxp://us.ard.yahoo.com/SIG=15uqalioe/M=650008.13654021.13693393.13153902/D=smallbiz/S=2023010636:HEAD/Y=YAHOO/EXP=1252098025/L=j.Ah_9j8aIuVH8pzSp2qoCg9z37hF0qhY8gACN48/B=zgw4Atj8a20-/J=1252090825225621/K=pmFpaSqI9UgVSmAu3nNNgw/A=5836006/R=11/SIG=10niob72s/*hxxp://news.yahoo.com" title="Yahoo! News" target="_top">News</a></li><li class="pa5 sp"><a class="sp" href="hxxp://us.ard.yahoo.com/SIG=15uqalioe/M=650008.13654021.13693393.13153902/D=smallbiz/S=2023010636:HEAD/Y=YAHOO/EXP=1252098025/L=j.Ah_9j8aIuVH8pzSp2qoCg9z37hF0qhY8gACN48/B=zgw4Atj8a20-/J=1252090825225621/K=pmFpaSqI9UgVSmAu3nNNgw/A=5836006/R=12/SIG=10q40gpus/*hxxp://finance.yahoo.com" title="Yahoo! Finance" target="_top">Finance</a></li><li class="pa6 sp"><a class="sp" href="hxxp://us.ard.yahoo.com/SIG=15uqalioe/M=650008.13654021.13693393.13153902/D=smallbiz/S=2023010636:HEAD/Y=YAHOO/EXP=1252098025/L=j.Ah_9j8aIuVH8pzSp2qoCg9z37hF0qhY8gACN48/B=zgw4Atj8a20-/J=1252090825225621/K=pmFpaSqI9UgVSmAu3nNNgw/A=5836006/R=13/SIG=10pcalhda/*hxxp://sports.yahoo.com" title="Yahoo! Sports" target="_top">Sports</a></li></ul><div id="pa-right" class="sp"></div></div></div></div><div id="yahoo" class="ygmaclr"><div id="ygmabot"><a id="ygmalogo" href="hxxp://us.ard.yahoo.com/SIG=15uqalioe/M=650008.13654021.13693393.13153902/D=smallbiz/S=2023010636:HEAD/Y=YAHOO/EXP=1252098025/L=j.Ah_9j8aIuVH8pzSp2qoCg9z37hF0qhY8gACN48/B=zgw4Atj8a20-/J=1252090825225621/K=pmFpaSqI9UgVSmAu3nNNgw/A=5836006/R=14/SIG=110k0lq1s/*hxxp://smallbusiness.yahoo.com" target="_top"><img id="ygmalogoimg" width="265" height="33" src="hxxp://l.yimg.com/a/i/us/geo/b/geo_ma_p_us_1.gif" alt="Yahoo! Small Business"></a></div><div id="ygma-search"><form class="ygmaclr" id="sf" action="hxxp://search.yahoo.com/search" method="GET"><fieldset><span class="ygma-search-wrapper" role="application"><input class="sp" type="text" id="ygmasearchInput" name="p" value="Search" onblur="if (this.value == ''){this.value='Search';this.style.color='#999';this.style.fontWeight='normal';}" onfocus="if (this.value == 'Search'){this.value='';this.style.color='#000';this.style.fontWeight='bold';}" maxlength="100" autocomplete="off" /><input type="hidden" id="fr" name="fr" value="ush-smbizc" /><div id="sat"></div></span><span class="ygma-search-wrapper"><span class="btn sp"><span class="first-child"><button name="ygmasrchbtn" id="ygmasrchbtn" value="Web Search" type="submit">Web Search </button></span></span></span></fieldset></form></div></div></div></div></div><script charset="utf-8" type="text/javascript" src="hxxp://l.yimg.com/a/lib/uh/15/js/uh-1.0.20.js"></script> <script language=javascript>
if(window.yzq_d==null)window.yzq_d=new Object();
window.yzq_d['zgw4Atj8a20-']='&U=13gmetml2%2fN%3dzgw4Atj8a20-%2fC%3d650008.13654021.13693393.13153902%2fD%3dHEAD%2fB%3d5836006%2fV%3d1';
</script>
</div>
</div>
<div class="ez-wr" style="width:898px;margin-top:1.5em">
<Div class="ez-l2a" id="wrapper">
<div class="ez-l2a-1 " style="width:898px">
<div class="ez-box">
<div class="ez-wr" >
<div class="ez-box" style="width:898px">
<h1>Sorry, the GeoCities web site you were trying to reach is no longer available.</h1>
</div>
</div>
<div class="ez-wr">
<div class="ez-box" id="boxyahoourls">
<p> GeoCities has closed, but there's a lot more to explore on Yahoo!</p>
<h2>Visit one of these popular Yahoo! sites:</h2>
<ul class= "services">
<li><a href="hxxp://mail.yahoo.com">Yahoo! Mail</a></li>
<li><a href="hxxp://smallbusiness.yahoo.com/webhosting">Web Hosting</a></li>
<li><a href="hxxp://news.yahoo.com">News</a></li>
<li><a href="hxxp://games.yahoo.com">Games</a></li>
<li><a href="hxxp://sports.yahoo.com/">Sports</a> </li>
<li><a href="hxxp://movies.yahoo.com">Movies</a></li>
<li><a href="hxxp://finance.yahoo.com">Finance</a></li>
<li><a href="hxxp://maps.yahoo.com">Maps</a></li>
</ul> </div>
<li class="rule"><!----></li>
<p>The GeoCities site you were looking for may have been preserved in the Internet Archive's Wayback Machine. To find out, <a href="hxxp://www.archive.org/web/web.php" target="_blank">visit Archive.org</a> and enter the site's web address in the field provided.</p>
<li class="rule"><!----></li>
</div>
</div>
</div> </div> <div class="ez-wr">
<div class="ez-box" style="text-align:center; margin-top:25px;">
<font size="-2" face="verdana">Copyright © 2009 <a href="hxxp://yahoo.com/">Yahoo!</a> Inc. All rights reserved.
<ul>
<li style="display:inline;"><a target="_top" href="hxxp://privacy.yahoo.com/privacy/us/geo/">Privacy Policy</a></li> - <li style="display:inline;"><a target="_top" href="hxxp://docs.yahoo.com/info/copyright/copyright.html">Copyright Policy</a></li> -
<li style="display:inline;"><a target="_top" href="hxxp://docs.yahoo.com/info/guidelines/community.html">Guidelines</a
></li> -
<li style="display:inline;"><a target="_top" href="hxxp://smallbusiness.yahoo.com/tos/tos.php">Terms of Service
</a></li> -
<li style="display:inline;"><a target="_top" href="hxxp://help.yahoo.com/help/us/geo/">Help</a></li>
</ul> </font>
</div>
</div> </div>
</body>
</html>
<!-- text below generated by server. PLEASE REMOVE --></object></layer></div></span></style></noscript></table></script></applet>
<IMG SRC="hxxp://geo.yahoo.com/serv?s=19190039&t=1276383808&f=us-w3" ALT=1 WIDTH=1 HEIGHT=1>
==================== Scheduled Tasks (whitelisted) =============
Task: {16380F69-E8DA-45D5-A26B-CBDF238850B7} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-12] (Adobe Systems Incorporated)
Task: {17B82C0B-9B66-4251-8B9A-73B7D32CF4FB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {2DC3A668-B27C-46D6-82AE-4F4BAB873E37} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-11] (Microsoft Corporation)
Task: {314E6668-4A15-4235-836B-0DAED4475818} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4234438737-965128108-3711115987-1001Core => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-15] (Google Inc.)
Task: {40394C94-EAFF-4FB7-B733-458E30AEF6E4} - System32\Tasks\{85AC5D8A-45EA-4F83-95E3-62AD103AFF50} => c:\users\user\appdata\local\google\chrome\application\chrome.exe [2013-05-29] (Google Inc.)
Task: {4FF6F0CF-7229-4B1C-BECF-F3FB41FD3564} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-02-15] (Google Inc.)
Task: {72F07AE8-180E-4E1D-84C4-1D7CBFFE5E1D} - System32\Tasks\User_Feed_Synchronization-{40AF3FB8-A870-4B2C-8DDD-F6110729DE13} => C:\windows\system32\msfeedssync.exe [2013-07-04] (Microsoft Corporation)
Task: {9968D575-8A32-43F0-9939-15B984191853} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4234438737-965128108-3711115987-1001UA => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-15] (Google Inc.)
Task: {A9F79831-F37C-429C-B1C1-9FBFB7159EB3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2012-09-05] (Hewlett-Packard Company)
Task: {AC28ADF1-CA1D-43D2-9328-FADFC6DDCC4A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-02-15] (Google Inc.)
Task: {DE954909-08BA-42DD-BCC0-09C7E65E3D9A} - System32\Tasks\GoforFilesUpdate => C:\Program Files\GoforFiles\GFFUpdater.exe No File
Task: {E6165F25-2084-4490-A078-47E8B19D7BAB} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\windows\System32\lpksetup.exe [2010-11-20] (Microsoft Corporation)
Task: {F70049EA-D2DF-4316-9B1A-CBFAAA5C3A6C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4234438737-965128108-3711115987-1001Core.job => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4234438737-965128108-3711115987-1001UA.job => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Faulty Device Manager Devices =============
Name: SASKUTIL
Description: SASKUTIL
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: SASKUTIL
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: SASDIFSV
Description: SASDIFSV
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: SASDIFSV
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (08/04/2013 09:51:33 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: AsGHost.exe, Version: 3.1.1.74, Zeitstempel: 0x4a680dbf
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel: 0x4ec49b60
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00052cc7
ID des fehlerhaften Prozesses: 0x149c
Startzeit der fehlerhaften Anwendung: 0xAsGHost.exe0
Pfad der fehlerhaften Anwendung: AsGHost.exe1
Pfad des fehlerhaften Moduls: AsGHost.exe2
Berichtskennung: AsGHost.exe3
Error: (08/04/2013 09:51:20 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: AsGHost.exe, Version: 3.1.1.74, Zeitstempel: 0x4a680dbf
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel: 0x4ec49b60
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00070053
ID des fehlerhaften Prozesses: 0x149c
Startzeit der fehlerhaften Anwendung: 0xAsGHost.exe0
Pfad der fehlerhaften Anwendung: AsGHost.exe1
Pfad des fehlerhaften Moduls: AsGHost.exe2
Berichtskennung: AsGHost.exe3
Error: (08/02/2013 07:30:55 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 10.0.9200.16635, Zeitstempel: 0x51b7a921
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000001e
ID des fehlerhaften Prozesses: 0x15ec
Startzeit der fehlerhaften Anwendung: 0xiexplore.exe0
Pfad der fehlerhaften Anwendung: iexplore.exe1
Pfad des fehlerhaften Moduls: iexplore.exe2
Berichtskennung: iexplore.exe3
Error: (07/31/2013 07:38:52 PM) (Source: Application Hang) (User: )
Description: Programm WINWORD.EXE, Version 12.0.6668.5000 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1eec
Startzeit: 01ce8c44551cbc41
Endzeit: 96
Anwendungspfad: C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
Berichts-ID: fe43f1d6-fa07-11e2-8528-18a905e37ce7
Error: (07/31/2013 06:57:57 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 27.0.1453.110, Zeitstempel: 0x51a566a7
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel: 0x4ec49b60
Ausnahmecode: 0xc000000d
Fehleroffset: 0x00097c41
ID des fehlerhaften Prozesses: 0xe48
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3
Error: (07/30/2013 07:01:04 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 10.0.9200.16635, Zeitstempel: 0x51b7a921
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000001b
ID des fehlerhaften Prozesses: 0x3b6c
Startzeit der fehlerhaften Anwendung: 0xiexplore.exe0
Pfad der fehlerhaften Anwendung: iexplore.exe1
Pfad des fehlerhaften Moduls: iexplore.exe2
Berichtskennung: iexplore.exe3
Error: (07/28/2013 10:06:28 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 10.0.9200.16635, Zeitstempel: 0x51b7a921
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000001c
ID des fehlerhaften Prozesses: 0x4bc
Startzeit der fehlerhaften Anwendung: 0xiexplore.exe0
Pfad der fehlerhaften Anwendung: iexplore.exe1
Pfad des fehlerhaften Moduls: iexplore.exe2
Berichtskennung: iexplore.exe3
Error: (07/28/2013 10:02:38 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 10.0.9200.16635, Zeitstempel: 0x51b7a921
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000018
ID des fehlerhaften Prozesses: 0x2034
Startzeit der fehlerhaften Anwendung: 0xiexplore.exe0
Pfad der fehlerhaften Anwendung: iexplore.exe1
Pfad des fehlerhaften Moduls: iexplore.exe2
Berichtskennung: iexplore.exe3
Error: (07/26/2013 06:52:58 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 10.0.9200.16635, Zeitstempel: 0x51b7a921
Name des fehlerhaften Moduls: Flash32_11_7_700_224.ocx, Version: 11.7.700.224, Zeitstempel: 0x51a673ec
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0059985d
ID des fehlerhaften Prozesses: 0x2e4c
Startzeit der fehlerhaften Anwendung: 0xiexplore.exe0
Pfad der fehlerhaften Anwendung: iexplore.exe1
Pfad des fehlerhaften Moduls: iexplore.exe2
Berichtskennung: iexplore.exe3
Error: (07/26/2013 07:47:02 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: AsGHost.exe, Version: 3.1.1.74, Zeitstempel: 0x4a680dbf
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel: 0x4ec49b60
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00052cc7
ID des fehlerhaften Prozesses: 0xc68
Startzeit der fehlerhaften Anwendung: 0xAsGHost.exe0
Pfad der fehlerhaften Anwendung: AsGHost.exe1
Pfad des fehlerhaften Moduls: AsGHost.exe2
Berichtskennung: AsGHost.exe3
System errors:
=============
Error: (08/06/2013 01:06:23 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
SASDIFSV
SASKUTIL
sfdrv01
sfvfs02
Error: (08/06/2013 01:06:10 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "McAfee Virus and Spyware Protection Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (08/06/2013 01:06:09 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "EngineServer" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (08/06/2013 01:06:08 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "SAS Core Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (08/06/2013 01:06:08 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Wsys Service" wurde nicht richtig gestartet.
Error: (08/06/2013 01:04:43 PM) (Source: atikmdag) (User: )
Description: Display is not active
Error: (08/06/2013 01:04:43 PM) (Source: atikmdag) (User: )
Description: CPLIB :: General - Invalid Parameter
Error: (08/06/2013 01:04:41 PM) (Source: atikmdag) (User: )
Description: Display is not active
Error: (08/06/2013 01:04:41 PM) (Source: atikmdag) (User: )
Description: CPLIB :: General - Invalid Parameter
Error: (08/06/2013 01:04:24 PM) (Source: Application Popup) (User: )
Description: Treiber sfdrv01.sys konnte nicht geladen werden.
Microsoft Office Sessions:
=========================
Error: (05/22/2013 03:59:37 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 10468 seconds with 240 seconds of active time. This session ended with a crash.
Error: (05/13/2013 08:15:25 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 8889 seconds with 240 seconds of active time. This session ended with a crash.
Error: (04/16/2013 02:34:06 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 9106 seconds with 0 seconds of active time. This session ended with a crash.
Error: (03/13/2013 02:23:21 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 8 seconds with 0 seconds of active time. This session ended with a crash.
Error: (11/26/2012 03:00:06 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6662.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 13067 seconds with 180 seconds of active time. This session ended with a crash.
Error: (08/05/2011 02:00:00 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4456 seconds with 0 seconds of active time. This session ended with a crash.
Error: (11/15/2010 01:46:51 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 52 seconds with 0 seconds of active time. This session ended with a crash.
==================== Memory info ===========================
Percentage of memory in use: 45%
Total physical RAM: 3036.27 MB
Available physical RAM: 1656.59 MB
Total Pagefile: 6070.82 MB
Available Pagefile: 4430.38 MB
Total Virtual: 2047.88 MB
Available Virtual: 1892.99 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:448.47 GB) (Free:205.77 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.91 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 466 GB) (Disk ID: DC4BB5EC)
Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=448 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=2 GB) - (Type=0C)
==================== End Of Log ============================
| GMER Logfile: Code:
GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-08-06 14:12:24
Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 ST950042 rev.0006 465,76GB
Running: gmer_2.1.19163.exe; Driver: C:\Users\User\AppData\Local\Temp\kxldapob.sys
---- Kernel code sections - GMER 2.1 ----
.text ntkrnlpa.exe!ZwRollbackEnlistment + 140D 8304C9F5 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 830861F2 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
? C:\windows\System32\Drivers\SafeBoot.sys Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.
.text C:\windows\system32\DRIVERS\atikmdag.sys section is writeable [0x9662B000, 0x2D51CE, 0xE8000020]
.text C:\windows\system32\DRIVERS\atksgt.sys section is writeable [0x9E1B7300, 0x3B6D8, 0xE8000020]
.text C:\windows\system32\DRIVERS\lirsgt.sys section is writeable [0x9E1FA300, 0x1BEE, 0xE8000020]
? C:\Users\User\AppData\Local\Temp\mbr.sys Das System kann die angegebene Datei nicht finden. !
---- Devices - GMER 2.1 ----
AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys
AttachedDevice \Driver\tdx \Device\Tcp mfetdik.sys
AttachedDevice \Driver\tdx \Device\Udp mfetdik.sys
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys
---- Registry - GMER 2.1 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\002713591c59
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\002713591c59 (not active ControlSet)
---- EOF - GMER 2.1 ---- --- --- ---
So mehr habe ich noch nicht gemacht. Achja Avira hat natürlich nix gefunden. Würde mich sehr über eure Hilfe freuen. Vielen Dank schonmal im Vorraus |